
Now There’s an Easy Way to Secure Pivotal Cloud Foundry Secrets [Thanks New Context!]

January 7, 2020 | Bridget Hildebrand

DevOps has redefined how software is brought to market. Many tools now exist to automate pretty much anything, whether that’s pushing code, checking for vulnerabilities or testing code. But protecting the certificate lifecycle is often an area that has yet to be tackled.

For many reasons, protecting machine identities has become critical to enabling digital transformation. As the world becomes increasingly digital, it is imperative that we authenticate and secure every machine-to-machine connection. Enter the Machine Identity Protection Development Fund, which sponsors the development of integrations with the Venafi Platform, accelerating the expansion of the Venafi ecosystem and solving real customer challenges like certificate processes for DevOps today.

Recently I had the opportunity to meet with New Context, which provides consulting services and builds tools that help its customers around the globe prepare for security orchestration. As part of the Fund, New Context has completed a Venafi Adaptable Driver that integrates with Pivotal Cloud Foundry CredHub. In this continuing interview series with developers, I am speaking with Nathan Shimek, who is VP of Client Solutions at New Context.


Bridget: Tell me about New Context and the mission for your clients.

Nathan: New Context is the security innovator for highly regulated industries. Our products and consulting services enable global leaders in energy, government and across a variety of enterprises to build, deploy and maintain Secure Compliant Data Platforms. The New Context Lean Security Intelligence Platform–LS/IQ–turns cybersecurity into a strategic business asset, assessing and optimizing development resources around security and compliance. New Context is a leader in open standards, advancing the development of the OpenC2 standard and using security automation as a force multiplier for defenders.

Bridget: Describe for me the machine identity protection challenge you were aiming to solve as part of the Development Fund.

Nathan: Today, enterprises are unable to help their DevOps and hybrid cloud teams protect machine identities when using Pivotal Cloud Foundry. To solve this problem, Cloud Foundry organizations may try to build an Adaptable Application driver for CredHub, which is the central point of control for credential generation, storage, lifecycle management, logging and access control in Cloud Foundry. Or they try to enable developers to connect workflows with VCert and/or REST APIs. Unfortunately, these approaches are typically one-off in design and aren’t available to all Venafi customers. Operating in Pivotal Cloud Foundry requires secrets, including TLS machine identities, to be secured. Until now there hasn’t been a native integration for Venafi Platform and Pivotal Cloud Foundry.

Bridget: What has New Context delivered for Venafi customers? 

Nathan: Our goal has been to enable Venafi customers to securely access and automate TLS machine identities for applications running in Pivotal Cloud Foundry using CredHub as the standard, single vault. So, we utilized an Adaptable Application driver to wrap TLS key and certificate API calls to the CredHub service. This approach would be similar to the Azure Key Vault driver. 

Bridget: How will organizations benefit from using the Pivotal Cloud Foundry CredHub integration with Venafi?

Nathan: The Pivotal Cloud Foundry CredHub and Venafi Adaptable Application Driver allow an organization to use Venafi to manage certificate generation and monitoring and push those certificates to Pivotal Cloud Foundry CredHub for use in Pivotal Cloud Foundry provisioning operations. Centralizing the credentials in Cloud Foundry reduces the risk of leaked credentials and allows them to encrypt application credentials without code modifications. Also, automating the renewal of certificates in Pivotal Cloud Foundry environments eliminates the hassle caused by expired certificates, which prevents downtime and outages.

Learn more about New Context’s Pivotal Cloud Foundry CredHub integration and download the Adaptable Driver today from the Venafi Marketplace. And stay tuned for future interviews with Machine Identity Protection Development Fund recipients.



About the author

Bridget Hildebrand

Bridget is Sr. Manager, Ecosystem Marketing at Venafi. She has over 20 years of experience managing technology partnerships and global channel programs for a broad range of technology organizations.
